Release Notes for the Content Pack for ITSI Monitoring and Alerting
Version 2.3.0 of the Content Pack for ITSI Monitoring and Alerting was released on July 13, 2023. Here's what to expect from this version.
New features
New features of the Content Pack for ITSI Monitoring and Alerting include the following. If no new features table is listed, this is a maintenance release.
| New feature or enhancement | Description |
|---|---|
Mapping for the service_name field in the itsi_summary index is now driven by SPL command rather than by automatic lookup from the content pack for ITSI Monitoring and Alerting
|
Automatic lookup responsible for returning the service_name field for the itsi_summary index is removed when users upgrade to Splunk App for Content Packs 2.0.0. This change to service name field mapping protocol in Service and Episode Monitoring Correlation Searches improves data reliability by eliminating the previous requirement for refreshing automatic lookup periodically to ensure that the service_name field populated for all records in the itsi_summary index. If you rely on the service_name field, this change affects you. To obtain the index=itsi_summary | lookup service_kpi_lookup _key AS serviceid OUTPUT title AS service_name | search service_name="*Web*" |
| Enhanced support for itsi_instruction in itsi_kpi_attributes lookup | This improves the accessibility of instructions for KPI or SHS notable events. By incorporating the itsi_instruction field into the itsi_kpi_attributes lookup, customers have a designated location to provide and retrieve instructions, facilitating easier utilization of this important information. |
| Update entity normalizer search to support a new status tracking field | This enhancement introduces a more efficient approach for handling unstable entities in the normalizer discovery search. By using a new flag, the search can exclude its contribution to overall entity status, improving the accuracy of status calculation. |
| Support for a new KPI, 'Incoming Alerts by Monitoring Tool,' in ITSI Alert Analytics Service | With this KPI incorporated into service templates and the default Alert Monitoring service, customers gain visibility into the sources of incoming alerts, aiding them in optimizing their alert management workflows. |
Fixed issues
This version of the Content Pack for ITSI Monitoring and Alerting has these reported fixed issues. If no fixed issues are listed in the following table, no issues have been reported.
| Date resolved | Issue number | Description |
|---|---|---|
| June 26, 2023 | ITOPA-3 | Update ITSI Alert and Episode Monitoring Aggregation Policy to exclude events from other itsi_policy_ids |
| June 26, 2023 | ITOPA-50 | Update Episode Monitoring alerts to specify now() for _time to better support param.is_use_event_time configuration in alert_actions.conf. |
| June 26, 2023 | ITOPA-52 | The episode_contact_map and episode_contact_detail fields are accidentally being removed for Episode Monitoring - Set Episode to Highest Alarm Severity notables. |
Known issues
This version of the Content Pack for ITSI Monitoring and Alerting has the following reported known issues and workarounds. If no issues appear below, no issues have yet been reported.
| About the Content Pack for ITSI Monitoring and Alerting | Obtain service_name |
This documentation applies to the following versions of Content Pack for ITSI Monitoring and Alerting: 2.3.0
Download manual
Feedback submitted, thanks!